
routing between two local ethernet connections

I have added a second local network to my Sophos UTM 9, and the related firewall rules to allow traffic between them.

However, despite NOT having a masquerading rule, whenever I access sites between the two networks, the IP of the Sophos router is used.

I.e. I connect from 10.6.1.10 to 10.10.1.1, the machine at 10.10.1.1 logs the connection as coming from the 10.6.1.1 (Sophos router) IP!

I just want the router to route between the two subnets without changing anything (and I know each machine needs to know how to route back).

Thanks for your help!



  • Sounds like you are using transparent web protection for both subnets.

    To have only the firewall rulesets involved between your local subnets you have to add both networks in the destination skip list.

    If web traffic is proxied the destination always sees the UTM's IP as source, internal as external (you cannot SNAT proxy traffic to an additional IP).

  • Thanks, that is what was happening. Didn't realize that was on by default and had to make exceptions for LAN-to-LAN connections.

  • Hi, Marc, and welcome to the UTM Community!

    Kevin's solved your problem, but you might be interested in a document I maintain that I make available to members of the UTM Community, "Configure HTTP Proxy for a Network of Guests."  If you would like me to send you this document, PM me your email address. I also maintain a version auf Deutsch initially translated by fellow member hallowach when he and I did a major revision in 2013.

    Cheers - Bob

  • How about generally opening a new discussion for that topic, Bob? We discussed it via PM and none of us went further and opened a thread after it.
    Because it's your work I wanted to leave that to you.
